private void showVerificationForm(ApplicationEntry ae, string oauthToken, string sessionId)
{
TextBox verifyTextBox = new TextBox("verify");
HiddenField oauthTokenHiddenField = new HiddenField("oauth_token");
oauthTokenHiddenField.Value = oauthToken;
HiddenField modeHiddenField = new HiddenField("mode");
modeHiddenField.Value = "verify";
SubmitButton submitButton = new SubmitButton("submit", core.Prose.GetString("AUTHORISE"));
Button cancelButton = new Button("cancel", core.Prose.GetString("CANCEL"), "cancel");
cancelButton.Script.OnClick = "window.external.notify('cancel'); return false;";
template.SetTemplate("oauth_authorize.html");
template.Parse("U_POST", core.Hyperlink.AppendSid("/oauth/approve", true, sessionId));
template.Parse("VERIFY", "TRUE");
template.Parse("AUTHORISE_APPLICATION", string.Format(core.Prose.GetString("AUTHORISE_APPLICATION"), ae.Title));
template.Parse("APPLICATION_ICON", ae.Icon);
template.Parse("S_VERIFY", verifyTextBox);
template.Parse("S_OAUTH_TOKEN", oauthTokenHiddenField);
template.Parse("S_MODE", modeHiddenField);
template.Parse("S_SUBMIT", submitButton);
template.Parse("S_CANCEL", cancelButton);
EndResponse();
}
public void ParseACL(Template template, Primitive owner, string variable)
{
Template aclTemplate = new Template("std.acl.html");
aclTemplate.Medium = core.Template.Medium;
aclTemplate.SetProse(core.Prose);
if (itemPermissions == null)
{
itemPermissions = GetPermissions(core, item);
}
if (itemGrants == null)
{
itemGrants = AccessControlGrant.GetGrants(core, item);
}
if (unsavedGrants == null)
{
unsavedGrants = new List<UnsavedAccessControlGrant>();
}
if (itemGrants != null)
{
foreach (AccessControlGrant itemGrant in itemGrants)
{
core.PrimitiveCache.LoadPrimitiveProfile(itemGrant.PrimitiveKey);
}
}
bool simple = item.IsSimplePermissions;
string mode = core.Http["aclmode"];
switch (mode)
{
case "simple":
simple = true;
break;
case "detailed":
simple = false;
break;
}
bool first = true;
PermissionTypes lastType = PermissionTypes.View;
VariableCollection permissionTypeVariableCollection = null;
PermissionGroupSelectBox typeGroupSelectBox = null;
List<PrimitivePermissionGroup> ownerGroups = null;
if (itemPermissions != null)
{
foreach (AccessControlPermission itemPermission in itemPermissions)
{
if (first || itemPermission.PermissionType != lastType)
{
if (typeGroupSelectBox != null)
{
permissionTypeVariableCollection.Parse("S_SIMPLE_SELECT", typeGroupSelectBox);
}
permissionTypeVariableCollection = aclTemplate.CreateChild("permision_types");
typeGroupSelectBox = new PermissionGroupSelectBox(core, "group-select-" + itemPermission.PermissionType.ToString(), item.ItemKey);
permissionTypeVariableCollection.Parse("TITLE", AccessControlLists.PermissionTypeToString(itemPermission.PermissionType));
first = false;
lastType = itemPermission.PermissionType;
}
if (simple)
{
if (ownerGroups == null)
{
ownerGroups = new List<PrimitivePermissionGroup>();
int itemGroups = 0;
Type type = item.GetType();
if (type.GetMethod(type.Name + "_GetItemGroups", new Type[] { typeof(Core) }) != null)
{
ownerGroups.AddRange((List<PrimitivePermissionGroup>)type.InvokeMember(type.Name + "_GetItemGroups", BindingFlags.Public | BindingFlags.Static | BindingFlags.InvokeMethod, null, null, new object[] { core }));
itemGroups = ownerGroups.Count;
}
ownerGroups.AddRange(core.GetPrimitivePermissionGroups(owner));
}
VariableCollection permissionVariableCollection = permissionTypeVariableCollection.CreateChild("permission_desc");
permissionVariableCollection.Parse("ID", itemPermission.Id.ToString());
permissionVariableCollection.Parse("TITLE", itemPermission.Name);
permissionVariableCollection.Parse("DESCRIPTION", itemPermission.Description);
if (itemGrants != null)
{
foreach (AccessControlGrant itemGrant in itemGrants)
{
if (itemGrant.PermissionId == itemPermission.Id)
{
switch (itemGrant.Allow)
{
case AccessControlGrants.Allow:
PrimitivePermissionGroup ppg = null;
ppg = new PrimitivePermissionGroup(itemGrant.PrimitiveKey, string.Empty, string.Empty);
foreach (PrimitivePermissionGroup p in ownerGroups)
{
if (ppg.ItemKey.Equals(p.ItemKey))
{
ppg = p;
break;
}
}
if (!typeGroupSelectBox.ItemKeys.Contains(ppg))
{
typeGroupSelectBox.ItemKeys.Add(ppg);
}
break;
default:
break;
}
}
}
}
}
else
{
VariableCollection permissionVariableCollection = permissionTypeVariableCollection.CreateChild("permission");
permissionVariableCollection.Parse("ID", itemPermission.Id.ToString());
permissionVariableCollection.Parse("TITLE", itemPermission.Name);
permissionVariableCollection.Parse("DESCRIPTION", itemPermission.Description);
SelectBox groupsSelectBox = BuildGroupsSelectBox(string.Format("new-permission-group[{0}]", itemPermission.Id), owner);
if (itemGrants != null)
{
foreach (AccessControlGrant itemGrant in itemGrants)
{
if (itemGrant.PermissionId == itemPermission.Id)
{
string gsbk = string.Format("{0},{1}", itemGrant.PrimitiveKey.TypeId, itemGrant.PrimitiveKey.Id);
if (groupsSelectBox.ContainsKey(gsbk))
{
groupsSelectBox[gsbk].Selectable = false;
}
VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");
if (groupsSelectBox.ContainsKey(gsbk))
{
string text = groupsSelectBox[gsbk].Text;
if (text.StartsWith(" -- ", StringComparison.Ordinal))
{
text = text.Substring(4);
}
grantVariableCollection.Parse("DISPLAY_NAME", text);
groupsSelectBox[gsbk].Selectable = false;
}
else
{
try
{
grantVariableCollection.Parse("DISPLAY_NAME", core.PrimitiveCache[itemGrant.PrimitiveKey].DisplayName);
}
catch
{
grantVariableCollection.Parse("DISPLAY_NAME", "{{ERROR LOADING PRIMITIVE(" + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + ":" + (new ItemType(core, itemGrant.PrimitiveKey.TypeId)).Namespace + ")}}");
}
}
RadioList allowrl = new RadioList("allow[" + itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]");
SelectBox allowsb = new SelectBox("allow[" + itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]");
Button deleteButton = new Button("delete", "Delete", itemGrant.PermissionId.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString());
allowrl.Add(new RadioListItem(allowrl.Name, "allow", "Allow"));
allowrl.Add(new RadioListItem(allowrl.Name, "deny", "Deny"));
allowrl.Add(new RadioListItem(allowrl.Name, "inherit", "Inherit"));
allowsb.Add(new SelectBoxItem("allow", "Allow"));
allowsb.Add(new SelectBoxItem("deny", "Deny"));
allowsb.Add(new SelectBoxItem("inherit", "Inherit"));
switch (itemGrant.Allow)
{
case AccessControlGrants.Allow:
allowrl.SelectedKey = "allow";
allowsb.SelectedKey = "allow";
break;
case AccessControlGrants.Deny:
allowrl.SelectedKey = "deny";
allowsb.SelectedKey = "deny";
break;
case AccessControlGrants.Inherit:
allowrl.SelectedKey = "inherit";
allowsb.SelectedKey = "inherit";
break;
}
if (core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]"] != null)
{
allowrl.SelectedKey = core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + itemGrant.PrimitiveKey.TypeId.ToString() + "," + itemGrant.PrimitiveKey.Id.ToString() + "]"];
}
grantVariableCollection.Parse("S_GRANT", allowsb);
grantVariableCollection.Parse("S_ALLOW", allowrl["allow"]);
grantVariableCollection.Parse("S_DENY", allowrl["deny"]);
grantVariableCollection.Parse("S_INHERIT", allowrl["inherit"]);
grantVariableCollection.Parse("S_DELETE", deleteButton);
grantVariableCollection.Parse("ID", string.Format("{0},{1}", itemGrant.PrimitiveKey.TypeId, itemGrant.PrimitiveKey.Id));
grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
grantVariableCollection.Parse("IS_NEW", "FALSE");
}
}
foreach (AccessControlGrant itemGrant in itemGrants)
{
VariableCollection grantsVariableCollection = template.CreateChild("grants");
}
}
if (core.Http.Form["save"] == null)
{
foreach (SelectBoxItem gsbi in groupsSelectBox)
{
if (core.Http.Form[string.Format("new-grant[{0},{1}]", itemPermission.Id, gsbi.Key)] != null)
{
ItemKey ik = new ItemKey(gsbi.Key);
UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);
VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");
grantVariableCollection.Parse("DISPLAY_NAME", gsbi.Text);
RadioList allowrl = new RadioList("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");
SelectBox allowsb = new SelectBox("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");
allowrl.Add(new RadioListItem(allowrl.Name, "allow", "Allow"));
allowrl.Add(new RadioListItem(allowrl.Name, "deny", "Deny"));
allowrl.Add(new RadioListItem(allowrl.Name, "inherit", "Inherit"));
allowsb.Add(new SelectBoxItem("allow", "Allow"));
allowsb.Add(new SelectBoxItem("deny", "Deny"));
allowsb.Add(new SelectBoxItem("inherit", "Inherit"));
if (core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]"] != null)
{
allowrl.SelectedKey = core.Http.Form["allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]"];
}
else
{
switch (uacg.Allow)
{
case AccessControlGrants.Allow:
allowrl.SelectedKey = "allow";
allowsb.SelectedKey = "allow";
break;
case AccessControlGrants.Deny:
allowrl.SelectedKey = "deny";
allowsb.SelectedKey = "deny";
break;
case AccessControlGrants.Inherit:
allowrl.SelectedKey = "inherit";
allowsb.SelectedKey = "inherit";
break;
}
}
grantVariableCollection.Parse("S_GRANT", allowsb);
grantVariableCollection.Parse("S_ALLOW", allowrl["allow"]);
grantVariableCollection.Parse("S_DENY", allowrl["deny"]);
grantVariableCollection.Parse("S_INHERIT", allowrl["inherit"]);
grantVariableCollection.Parse("ID", string.Format("{0},{1}", ik.TypeId, ik.Id));
grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
grantVariableCollection.Parse("IS_NEW", "TRUE");
gsbi.Selectable = false;
}
}
}
if (core.Http.Form[string.Format("add-permission[{0}]", itemPermission.Id)] != null)
{
string groupSelectBoxId = core.Http.Form[string.Format("new-permission-group[{0}]", itemPermission.Id)];
ItemKey ik = new ItemKey(groupSelectBoxId);
UnsavedAccessControlGrant uacg = new UnsavedAccessControlGrant(core, ik, item.ItemKey, itemPermission.Id, AccessControlGrants.Inherit);
VariableCollection grantVariableCollection = permissionVariableCollection.CreateChild("grant");
grantVariableCollection.Parse("DISPLAY_NAME", groupsSelectBox[groupSelectBoxId].Text);
RadioList allowrl = new RadioList("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");
SelectBox allowsb = new SelectBox("allow[" + itemPermission.Id.ToString() + "," + ik.TypeId.ToString() + "," + ik.Id.ToString() + "]");
allowrl.Add(new RadioListItem(allowrl.Name, "allow", "Allow"));
allowrl.Add(new RadioListItem(allowrl.Name, "deny", "Deny"));
allowrl.Add(new RadioListItem(allowrl.Name, "inherit", "Inherit"));
allowsb.Add(new SelectBoxItem("allow", "Allow"));
allowsb.Add(new SelectBoxItem("deny", "Deny"));
allowsb.Add(new SelectBoxItem("inherit", "Inherit"));
switch (uacg.Allow)
{
case AccessControlGrants.Allow:
allowrl.SelectedKey = "allow";
allowsb.SelectedKey = "allow";
break;
case AccessControlGrants.Deny:
allowrl.SelectedKey = "deny";
allowsb.SelectedKey = "deny";
break;
case AccessControlGrants.Inherit:
allowrl.SelectedKey = "inherit";
allowsb.SelectedKey = "inherit";
break;
}
grantVariableCollection.Parse("S_GRANT", allowsb);
grantVariableCollection.Parse("S_ALLOW", allowrl["allow"]);
grantVariableCollection.Parse("S_DENY", allowrl["deny"]);
grantVariableCollection.Parse("S_INHERIT", allowrl["inherit"]);
grantVariableCollection.Parse("ID", string.Format("{0},{1}", ik.TypeId, ik.Id));
grantVariableCollection.Parse("PERMISSION_ID", itemPermission.Id.ToString());
grantVariableCollection.Parse("IS_NEW", "TRUE");
groupsSelectBox[groupSelectBoxId].Selectable = false;
}
permissionVariableCollection.Parse("S_PERMISSION_GROUPS", groupsSelectBox);
RadioList allowNewrl = new RadioList("new-permission-group-allow");
SelectBox allowNewsb = new SelectBox("new-permission-group-allow");
allowNewrl.Add(new RadioListItem(allowNewrl.Name, "allow", "Allow"));
allowNewrl.Add(new RadioListItem(allowNewrl.Name, "deny", "Deny"));
allowNewrl.Add(new RadioListItem(allowNewrl.Name, "inherit", "Inherit"));
allowNewsb.Add(new SelectBoxItem("allow", "Allow"));
allowNewsb.Add(new SelectBoxItem("deny", "Deny"));
allowNewsb.Add(new SelectBoxItem("inherit", "Inherit"));
allowNewrl.SelectedKey = "inherit";
allowNewsb.SelectedKey = "inherit";
permissionVariableCollection.Parse("S_GRANT", allowNewsb);
permissionVariableCollection.Parse("S_ALLOW", allowNewrl["allow"].ToString());
permissionVariableCollection.Parse("S_DENY", allowNewrl["deny"].ToString());
permissionVariableCollection.Parse("S_INHERIT", allowNewrl["inherit"].ToString());
}
}
if (typeGroupSelectBox != null)
{
permissionTypeVariableCollection.Parse("S_SIMPLE_SELECT", typeGroupSelectBox);
}
}
if (string.IsNullOrEmpty(variable))
{
variable = "S_PERMISSIONS";
}
/*PermissionGroupSelectBox groupSelectBox = new PermissionGroupSelectBox(core, "group-select", item.ItemKey);
groupSelectBox.SelectMultiple = true;
aclTemplate.Parse("S_SIMPLE_SELECT", groupSelectBox);*/
if (simple)
{
aclTemplate.Parse("IS_SIMPLE", "TRUE");
}
aclTemplate.Parse("U_DETAILED", Access.BuildAclUri(core, item, false));
aclTemplate.Parse("U_SIMPLE", Access.BuildAclUri(core, item, true));
HiddenField modeField = new HiddenField("aclmode");
if (simple)
{
modeField.Value = "simple";
}
else
{
modeField.Value = "detailed";
}
aclTemplate.Parse("S_ACLMODE", modeField);
template.ParseRaw(variable, aclTemplate.ToString());
}
private void OAuthAuthorize(bool fail)
{
bool forceLogin = (core.Http.Query["force_login"] == "true");
string oauthToken = core.Http["oauth_token"];
try
{
OAuthToken token = new OAuthToken(core, oauthToken);
ApplicationEntry ae = token.Application;
TextBox usernameTextBox = new TextBox("username");
TextBox passwordTextBox = new TextBox("password", InputType.Password);
HiddenField oauthTokenHiddenField = new HiddenField("oauth_token");
oauthTokenHiddenField.Value = oauthToken;
SubmitButton submitButton = new SubmitButton("submit", core.Prose.GetString("AUTHORISE"));
Button cancelButton = new Button("cancel", core.Prose.GetString("CANCEL"), "cancel");
cancelButton.Script.OnClick = "window.external.notify('cancel'); return false;";
if (token.TokenExpired)
{
core.Functions.Generate403();
EndResponse();
return;
}
template.SetTemplate("oauth_authorize.html");
template.Parse("U_POST", core.Hyperlink.AppendSid("/oauth/approve", true));
template.Parse("REQUIRE_LOGIN", ((forceLogin || (!core.Session.SignedIn)) ? "TRUE" : "FALSE"));
template.Parse("AUTHORISE_APPLICATION", string.Format(core.Prose.GetString("AUTHORISE_APPLICATION"), ae.Title));
template.Parse("APPLICATION_ICON", ae.Icon);
template.Parse("S_USERNAME", usernameTextBox);
template.Parse("S_PASSWORD", passwordTextBox);
template.Parse("S_OAUTH_TOKEN", oauthTokenHiddenField);
template.Parse("S_SUBMIT", submitButton);
template.Parse("S_CANCEL", cancelButton);
}
catch (InvalidOAuthTokenException)
{
core.Functions.Generate403();
}
catch (InvalidApplicationException)
{
core.Functions.Generate403();
}
EndResponse();
}
